I'm trying to run a php application in cgi mode which will use posix_set_uid function to set its user id to different users.
I have set the user and group of the program to root:root and set the permissions as
-rws--sr-x 1 root root 1096 Oct 1 12:58 test2.cgi
here's my program
-----------------------------
#!/usr/local/bin/php-cgi
<?php
echo "uid = ".posix_getuid()."<br>";
echo "gid = ".posix_getgid()."<br>";
echo "euid = ".posix_geteuid()."<br>";
echo "egid = ".posix_getegid()."<br>";
$rtwick=posix_getpwnam('rtwick');
echo "user info for rtwick = ";
print_r($rtwick);
echo "<br>setting euid to ".$rtwick["uid"]."<br>";
$f = posix_seteuid($rtwick["uid"]);
$a1 = posix_get_last_error();
echo "last error no = $a1, last error = ".posix_strerror($a1)."<br>";if (!$f)
echo "can not set uid<br>";
?>
------------------------------
and here's the result I'm getting
--------------------------
uid = 48
gid = 10001
euid = 48
egid = 10001
user info for rtwick = Array ( [name] => rtwick [passwd] => x [uid] => 10007 [gid] => 10007 [gecos] => [dir] => /home/rtwick [shell] => /bin/bash )
setting euid to 10007
last error no = 1, last error = Operation not permitted
can not set uid
-----------------------------
I have seen programs when invoked this way has the euid of 0 (root) and can do set euid to any other user.
if any body done something like this or has any clue how to get it working please let me know.
thanks for your help
R'twick
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
